< ? php
// Datenbank-Verbindungsparameter
require_once ( 'dbutils.php' );
require_once ( 'commonutils.php' );
require_once ( 'globals.php' );
require_once ( 'admin.php' );
require_once ( 'utilities/Emailer.php' );
class Closing {
var $dbutils ;
var $t ;
/**
 * Creates the closing handler with its own DbUtils instance and loads the
 * translations file.
 */
function __construct () {
$this -> dbutils = new DbUtils ();
// NOTE(review): presumably translations.php populates $this->t, which is read
// later via $this->t[...][$l] — confirm. Because this is require_once, the file
// runs only for the first instance created in a request.
require_once 'translations.php' ;
}
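/**
 * Dispatches a closing command after checking the caller's rights.
 *
 * Every command requires manager or admin rights. An unauthorised caller gets
 * a JSON error, except for 'exportCsv', whose result is not parsed on the
 * HTML/JS side and therefore gets a plain-text message.
 *
 * Request parameters are read defensively: a missing or non-scalar value
 * (e.g. "closingid[]=1") is passed on as null instead of raising a notice or
 * ending up as the string "Array" further down.
 *
 * @param string $command name of the command to execute
 * @return void
 */
function handleCommand($command) {
    if (!$this->hasCurrentUserManagerOrAdminRights()) {
        if ($command !== 'exportCsv') {
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_MANAGER_NOT_AUTHOTRIZED, " msg " => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
        } else {
            // exception - result is not handled on HTML/JS side
            echo " Fehlende Benutzerrechte ";
        }
        return;
    }

    // Returns the request value only when it is present and scalar.
    $param = function ($source, $key) {
        return (isset($source[$key]) && is_scalar($source[$key])) ? $source[$key] : null;
    };

    // user has manager rights; strict comparison avoids loose string/number matches
    if ($command === 'createClosing') {
        $this->createClosing($param($_POST, 'remark'));
    } else if ($command === 'getClosings') {
        $this->getClosings($param($_GET, 'month'), $param($_GET, 'year'));
    } else if ($command === 'exportCsv') {
        $this->exportCsv($param($_GET, 'closingid'));
    } else if ($command === 'emailCsv') {
        // NOTE(review): this sends an e-mail in response to a GET request; no
        // anti-CSRF check is visible in this file — confirm one exists upstream.
        $this->emailCsv($param($_GET, 'closingid'), $param($_GET, 'emailaddress'), $param($_GET, 'topic'));
    } else if ($command === 'getClosing') {
        $this->getClosing($param($_GET, 'closingid'));
    } else if ($command === 'getClosingSummary') {
        $this->getClosingSummary($param($_GET, 'closingid'), null, true);
    } else {
        echo " Command not supported. ";
    }
}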
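/**
 * Tells whether the logged-in user has manager or admin rights.
 *
 * Fails closed: a missing login flag or missing right flags count as
 * "no rights" instead of raising undefined-index notices.
 *
 * @return bool true only for a logged-in user with 'right_manager' or 'is_admin' set
 */
private function hasCurrentUserManagerOrAdminRights() {
    // Start the session only if none is active, matching retrieveClosingFromDb().
    if (session_id() == '') {
        session_start();
    }
    if (empty($_SESSION['angemeldet'])) {
        // no user logged in
        return false;
    }
    return !empty($_SESSION['right_manager']) || !empty($_SESSION['is_admin']);
}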
/**
 * Reads the configured decimal point from the config table.
 *
 * @return mixed the 'setting' column of the matching config row
 */
private function getDecPoint() {
    $connection = $this->dbutils->openDbAndReturnPdo();
    $query = $this->dbutils->resolveTablenamesInSqlString(" SELECT name,setting FROM %config% WHERE name=? ");
    $statement = $connection->prepare($query);
    $statement->execute(array(" decpoint "));
    $configRow = $statement->fetchObject();
    return $configRow->setting;
}
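/**
 * Creates a new closing: verifies all open bills, assigns them to the new
 * closing, signs the closing record, cleans up queue data, optionally e-mails
 * the CSV and finally emits a JSON result.
 *
 * Changes against the previous version:
 *  - the transaction is rolled back explicitly when a bill fails verification;
 *  - the new closing id is bound as a parameter instead of being interpolated;
 *  - a failed openssl_sign() aborts the closing instead of committing a record
 *    without a valid signature;
 *  - the version-check query string is built with http_build_query(), which
 *    URL-encodes the values and restores the missing '&' before 'l='.
 *
 * @param string|null $remark free-text remark stored with the closing
 * @return void
 */
private function createClosing($remark) {
    if (is_null($remark)) {
        $remark = " ";
    }
    $decpoint = $this->getDecPoint();

    // first create a closing entry
    $remark = $this->dbutils->filterString($remark);
    date_default_timezone_set(DbUtils::getTimeZone());
    $closingTime = date('Y-m-d H:i:s');
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $pdo->beginTransaction();
    $closingEntrySql = " INSERT INTO `%closing%` (`id` , `closingdate`,`remark`,`billcount`,`billsum`,`signature`) VALUES (NULL ,?,?,?,?,?) ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($closingEntrySql));
    $stmt->execute(array($closingTime, $remark, 0, 0.0, null));
    $newClosingId = $pdo->lastInsertId();

    // test for consistency of bills
    $sql = " SELECT id FROM %bill% WHERE closingid is null AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();
    $result = $stmt->fetchAll();
    $utils = new CommonUtils();
    foreach ($result as $row) {
        if (!$utils->verifyBill($pdo, $row['id'])) {
            // Do not leave the half-created closing in an open transaction.
            $pdo->rollBack();
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
            return;
        }
    }

    // declare not closed bills as closed
    $declareClosedSql = " UPDATE %bill% SET closingid=? WHERE closingid is null AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($declareClosedSql));
    $stmt->execute(array($newClosingId));

    $sql = " SELECT count(id) as billstotake FROM %bill% WHERE closingid=? AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($newClosingId));
    $row = $stmt->fetchObject();
    $billsToTake = $row->billstotake;

    // now calculate the sum of the prices of this closing
    $pricesum = null;
    if ($billsToTake > 0) {
        $sql = " SELECT sum(brutto) as pricesum FROM %bill% WHERE closingid=? AND (tableid >= '0' OR status='c') ";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($newClosingId));
        $row = $stmt->fetchObject();
        $pricesum = $row->pricesum;
    }
    if (is_null($pricesum)) {
        $pricesum = 0;
    }

    $prevClosingDate = self::getDateOfPreviousClosing($pdo, $newClosingId);
    if (is_null($prevClosingDate)) {
        $prevClosingDate = " ";
    }

    // sign the data; the same string layout is rebuilt when the closing is verified
    $pricesumstr = number_format($pricesum, 2, " . ", '');
    $data = " I( $newClosingId )-S( $prevClosingDate )-E( $closingTime )-D( $billsToTake )-S( $pricesumstr ) ";
    $pkeyid = $utils->getPrivkey($pdo);
    $signature = null;
    $signed = openssl_sign($data, $signature, $pkeyid);
    openssl_free_key($pkeyid);
    if (!$signed) {
        // An unsigned closing could never be verified later, so abort instead
        // of committing it. The inconsistent-DB error is reused because no
        // dedicated error code is visible in this file.
        $pdo->rollBack();
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
        return;
    }

    // now add values to closing table to prepare for electronic signature
    $sql = " UPDATE %closing% SET billcount=?, billsum=?,signature=? WHERE id=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($billsToTake, $pricesum, $signature, $newClosingId));

    // now clean the extras that are assigned to queue - we do not need them anymore
    $sql = " DELETE FROM %queueextras% ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();

    $sql = " DELETE FROM %queue% WHERE id not in (select distinct queueid FROM %billproducts%) AND billid is null ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();

    // if bills were cancelled, but products not paid, they have no paidtime, but a billid
    // -> thus they reappear in paydesk even after closure - mark them paid with a paidtime
    // -> also declare them delivered so that they won't appear in supplydesk
    $sql = " UPDATE %queue% set paidtime=?,delivertime=? WHERE billid is not null AND paidtime is null ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingTime, $closingTime));

    $sql = " UPDATE %queue% set delivertime=?,workprinted=? WHERE billid is not null AND delivertime = '0000-00-00 00:00:00' ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingTime, 1));

    $sql = " DELETE FROM %printjobs% ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();

    $sql = " UPDATE %queue% SET isclosed=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array(1));

    // commit must happen before the email, because the email code accesses the db directly
    $pdo->commit();

    // now send the email
    $toEmail = $this->getGeneralItemFromDbWithPdo($pdo, " receiveremail ");
    if (($toEmail != '') && (strpos($toEmail, '@') !== false)) {
        $theSum = number_format($pricesum, 2, $decpoint, '');
        $this->emailCsvCore($pdo, $newClosingId, $toEmail, " Tagesabschluss ", $prevClosingDate, $closingTime, $theSum, $billsToTake);
    }

    $admin = new Admin();
    $versionInfo = $admin->getEnv($pdo);
    $content = array(" env " => $versionInfo, " result " => $pricesum, " closingid " => $newClosingId);

    // check if new version is available
    // (do not inform user if last install or update is right before new version - let new version mature a bit..)
    // NOTE(review): the check goes over plain HTTP and discloses version and
    // install dates to the remote host. The response is unused today; if it is
    // ever shown to the user or acted upon, fetch it over TLS and validate it.
    $url = "http://www.ordersprinter.de/version/checkversion.php?" . http_build_query(array(
        "v" => $versionInfo[" version "],
        "i" => $versionInfo[" installdate "],
        "l" => $versionInfo[" lastupdate "],
    ));
    $ctx = stream_context_create(array('http' =>
        array(
            'timeout' => 5, // 5 seconds
        )
    ));
    $newversionavailable = file_get_contents($url, false, $ctx);
    // TODO: has to be forwarded to user to inform him

    echo json_encode(array(" status " => " OK ", " msg " => $content));
}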
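/**
 * Sums the gross amounts of all bills that belong to a closing.
 *
 * The closing id is forced to an integer before it is placed in the SQL text,
 * so a non-numeric value cannot alter the statement. The fetch mode uses
 * MYSQLI_ASSOC, the constant that belongs to mysqli_fetch_array(); MYSQL_ASSOC
 * comes from the old mysql extension and is undefined without it.
 *
 * @param mixed $closingid id of the closing
 * @param bool  $onlyBar   restrict the sum to bills with paymentid '1'
 * @return float the sum, 0.0 if the query did not return exactly one row
 */
private function getSumOfBillsWithClosingId($closingid, $onlyBar) {
    $safeClosingId = intval($closingid);
    $sql = " SELECT sum(brutto) as billsum FROM %bill% WHERE closingid=' $safeClosingId ' ";
    if ($onlyBar) {
        $sql .= " AND paymentid='1' ";
    }
    $dbresult = $this->dbutils->performSqlCommand($sql);
    $numberOfReturns = mysqli_num_rows($dbresult);
    $sum = 0.0;
    if ($numberOfReturns == 1) {
        $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
        $sum = floatval($zeile[" billsum "]);
    }
    mysqli_free_result($dbresult);
    return $sum;
}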
/**
 * Returns per-user sums for a closing: all bills, bills with paymentid '1'
 * and bills with status 'c'.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing, bound as a statement parameter
 * @return array all result rows as returned by fetchAll()
 */
private function getUserGroupedSumOfClosing($pdo, $closingid) {
    $query = implode('', array(
        " SELECT userid,username, ",
        " ROUND(sum(brutto),2) as billsumall, ",
        " ROUND(sum(if(paymentid='1',brutto,'0.00')),2) as sumonlybar, ",
        " ROUND(sum(if(status = 'c',brutto,'0.00')),2) as sumcash ",
        " FROM %bill%,%user% WHERE userid=%user%.id AND closingid=? GROUP BY userid ",
    ));
    $statement = $pdo->prepare(DbUtils::substTableAlias($query));
    $statement->execute(array($closingid));
    return $statement->fetchAll();
}
/*
* Get all closings that are requested :
* if month and year is null or empty ==> last 30 closings
* otherwise query by date
*/
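/**
 * Emits, as JSON, up to 30 closings of the given month (newest first) with
 * their total sum, cash sum and per-user sums.
 *
 * Month and year arrive from the request. They are converted to integers and
 * range-checked, and the resulting dates are bound as statement parameters,
 * so request data never becomes part of the SQL text. An out-of-range month
 * or year yields an empty list.
 *
 * @param mixed $month month number (1-12)
 * @param mixed $year  four-digit year
 * @return void
 */
private function getClosings($month, $year) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $monthNo = intval($month);
    $yearNo = intval($year);
    $resultarray = array();

    if ($monthNo >= 1 && $monthNo <= 12 && $yearNo >= 1000 && $yearNo <= 9999) {
        $lastDayInMonth = intval(date("t", mktime(0, 0, 0, $monthNo, 1, $yearNo)));
        $dateStart = sprintf('%04d%02d%02d', $yearNo, $monthNo, 1);
        $dateEnd = sprintf('%04d%02d%02d', $yearNo, $monthNo, $lastDayInMonth);

        $sql = "SELECT id,closingdate,remark FROM %closing% WHERE DATE(closingdate) BETWEEN ? AND ? ORDER BY closingdate DESC LIMIT 30";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($dateStart, $dateEnd));

        foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $zeile) {
            $theId = $zeile['id'];
            $resultarray[] = array(
                " id " => $theId,
                " closingDate " => $zeile['closingdate'],
                " remark " => $zeile['remark'],
                " totalsum " => $this->getSumOfBillsWithClosingId($theId, false),
                " cashsum " => $this->getSumOfBillsWithClosingId($theId, true),
                " usersums " => $this->getUserGroupedSumOfClosing($pdo, $theId),
            );
        }
    }

    echo json_encode(array(" status " => " OK ", " msg " => $resultarray));
}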
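/**
 * Loads all payment types as a map of payment id to payment name.
 *
 * Uses MYSQLI_ASSOC, the fetch-mode constant that belongs to
 * mysqli_fetch_array(); MYSQL_ASSOC is defined only by the old mysql
 * extension.
 *
 * @return array payment names keyed by payment id
 */
private function getPaymentArray() {
    $sql = " SELECT id,name FROM %payment% ";
    $dbresult = $this->dbutils->performSqlCommand($sql);
    $retArray = array();
    while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
        $retArray[$zeile['id']] = $zeile['name'];
    }
    mysqli_free_result($dbresult);
    return $retArray;
}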
/**
 * Emits the bills of a closing as JSON (no CSV download, no text return).
 *
 * @param mixed $closingid id of the closing
 * @return void
 */
private function getClosing($closingid) {
    $asCsvDownload = false;
    $asReturnedText = false;
    $this->retrieveClosingFromDb($closingid, $asCsvDownload, $asReturnedText);
}
/**
 * Emits the bills of a closing as a CSV download.
 *
 * @param mixed $closingid id of the closing
 * @return void
 */
private function exportCsv($closingid) {
    $asCsvDownload = true;
    $asReturnedText = false;
    $this->retrieveClosingFromDb($closingid, $asCsvDownload, $asReturnedText);
}
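/**
 * Builds the closing report text and sends it by e-mail.
 *
 * Recipient and topic can originate from request parameters (see emailCsv),
 * so CR/LF characters are kept out of both: a recipient containing a line
 * break is rejected and line breaks are stripped from the subject parts.
 * This prevents extra mail headers from being smuggled in through them.
 *
 * @param PDO    $pdo       open database connection, passed on to Emailer
 * @param mixed  $closingid id of the closing
 * @param string $toEmail   recipient address
 * @param string $topic     subject prefix; the closing id is appended
 * @param string $startdate start of the period shown in the mail body
 * @param string $enddate   end of the period shown in the mail body
 * @param string $billsum   formatted gross sum
 * @param mixed  $billcount number of bills
 * @return bool true if Emailer::sendEmail reported success
 */
private function emailCsvCore($pdo, $closingid, $toEmail, $topic, $startdate, $enddate, $billsum, $billcount) {
    $lineBreaks = array("\r", "\n");
    if (!is_string($toEmail) || $toEmail !== str_replace($lineBreaks, '', $toEmail)) {
        return false;
    }
    $msg = $this->retrieveClosingFromDb($closingid, false, true);
    $msg = " Zeitraum: $startdate - $enddate\nBrutto -Summe: $billsum\nEnthaltene Bons: $billcount\n\n " . $msg;
    $msg = str_replace(" \n ", " \r \n ", $msg);
    // Only the caller-supplied parts are stripped; the original suffix is kept.
    $topictxt = str_replace($lineBreaks, '', $topic . " " . $closingid) . " \r \n ";
    return Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt) ? true : false;
}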
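/**
 * E-mails the CSV report of an existing closing and emits a JSON status.
 *
 * If no closing with the given id exists, the e-mail failure error is emitted
 * instead of reading properties of a missing row.
 *
 * @param mixed  $closingid id of the closing
 * @param string $toEmail   recipient address
 * @param string $topic     subject prefix
 * @return void
 */
private function emailCsv($closingid, $toEmail, $topic) {
    // additional info to insert into email
    $decpoint = $this->getDecPoint();
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $prevClosingDate = self::getDateOfPreviousClosing($pdo, $closingid);
    if (is_null($prevClosingDate)) {
        $prevClosingDate = " ";
    }
    $sql = " SELECT closingdate, billcount, billsum FROM %closing% WHERE id=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $row = $stmt->fetchObject();
    if (!is_object($row)) {
        // unknown closing id: nothing to send
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_EMAIL_FAILURE, " msg " => ERROR_EMAIL_FAILURE_MSG));
        return;
    }
    $billsum = number_format($row->billsum, 2, $decpoint, '');
    $billcount = $row->billcount;
    $closdate = $row->closingdate;
    if ($this->emailCsvCore($pdo, $closingid, $toEmail, $topic, $prevClosingDate, $closdate, $billsum, $billcount)) {
        echo json_encode(array(" status " => " OK "));
    } else {
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_EMAIL_FAILURE, " msg " => ERROR_EMAIL_FAILURE_MSG));
    }
}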
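/**
 * Reads one setting from the config table using a fresh PDO connection.
 *
 * The looked-up value is now returned; previously it was discarded and the
 * method always yielded null.
 *
 * @param string $field name of the config entry
 * @return mixed the setting as returned by getGeneralItemFromDbWithPdo()
 */
private function getGeneralItemFromDb($field) {
    $pdo = $this->dbutils->openDbAndReturnPdo();
    return $this->getGeneralItemFromDbWithPdo($pdo, $field);
}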
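/**
 * Reads one setting from the config table.
 *
 * The entry name is bound as a statement parameter instead of being
 * interpolated into the SQL text, so the query stays safe whatever value a
 * caller passes.
 *
 * @param PDO|null $pdo   open connection; a new one is opened when null
 * @param string   $field name of the config entry
 * @return mixed the stored setting, or the initial placeholder string if no row matches
 */
private function getGeneralItemFromDbWithPdo($pdo, $field) {
    if (is_null($pdo)) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
    }
    $aValue = " ";
    $sql = " SELECT setting FROM %config% where name=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($field));
    $row = $stmt->fetchObject();
    if ($row != null) {
        $aValue = $row->setting;
    }
    return $aValue;
}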
/**
 * Returns the closing date of the closing that precedes the given one.
 *
 * The predecessor is the row with the highest id below $closingid, because
 * ids can be generated but stay unused after a rollback.
 *
 * @param PDO|null $pdoval    open connection; a new one is opened when null
 * @param mixed    $closingid id of the closing whose predecessor is wanted
 * @return mixed the previous closing date, or null if none is found
 */
public static function getDateOfPreviousClosing($pdoval, $closingid) {
    $pdo = is_null($pdoval) ? DbUtils::openDbAndReturnPdoStatic() : $pdoval;

    // ids can be generated but not used in case of rollback
    $maxIdStmt = $pdo->prepare(DbUtils::substTableAlias(" SELECT MAX(id) as previousid FROM %closing% WHERE id<? "));
    $maxIdStmt->execute(array($closingid));
    $maxIdRow = $maxIdStmt->fetchObject();
    if ($maxIdRow == null) {
        return null;
    }

    $previousId = intval($maxIdRow->previousid);
    $dateStmt = $pdo->prepare(DbUtils::substTableAlias(" SELECT closingdate FROM %closing% WHERE id=? "));
    $dateStmt->execute(array($previousId));
    $dateRow = $dateStmt->fetchObject();
    if ($dateRow == null) {
        return null;
    }
    return $dateRow->closingdate;
}
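/**
 * Reports an inconsistent database in the form the current output mode needs:
 * plain text for a CSV export, a returned text for the e-mail path, JSON
 * otherwise.
 *
 * @param bool $doCsvExport      true when the caller produces a CSV download
 * @param bool $onlyresultreturn true when the caller wants the text returned
 * @return string|null the error text in result-return mode, otherwise nothing
 */
private function returnErrorInconsDB($doCsvExport, $onlyresultreturn) {
    // The caller's closing date, remark and CSV text are not passed in, so the
    // message template below previously read undefined variables. They are
    // defined as empty strings, which yields the same text without warnings.
    $closingdate = "";
    $remark = "";
    $csv = "";
    if ($doCsvExport) {
        echo " ERROR - signatures do not fit ";
    } else if ($onlyresultreturn) {
        return " Tagesabschluss-Datum: $closingdate\nBemerkung : $remark\nStatus : Inkonsistente Datenbank \n \n csv-Daten: \n " . $csv;
    } else {
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
    }
}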
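/**
 * Loads a closing with all its bills, verifies the closing signature and
 * every bill, and delivers the result as CSV download, returned text or JSON.
 *
 * Changes against the previous version:
 *  - the closing id, which arrives from the request, is forced to an integer
 *    before it is placed in SQL text;
 *  - the signature check accepts only openssl_verify() === 1; the former
 *    "== 0" test let the error result -1 pass as a valid signature;
 *  - the inconsistency message is returned to the caller in result-return
 *    mode instead of being dropped;
 *  - MYSQLI_ASSOC replaces MYSQL_ASSOC, which belongs to the old mysql
 *    extension.
 *
 * @param mixed $closingid        id of the closing
 * @param bool  $doCsvExport      echo the CSV as a download
 * @param bool  $onlyresultreturn return the CSV as text instead of emitting output
 * @return string|null the report text in result-return mode, otherwise nothing
 */
private function retrieveClosingFromDb($closingid, $doCsvExport, $onlyresultreturn) {
    if (session_id() == '') {
        session_start();
    }
    $l = $_SESSION['language'];
    $commonUtils = new CommonUtils();
    $currency = $commonUtils->getCurrency();
    $decpoint = $this->getDecPoint();
    $paymentArray = $this->getPaymentArray();
    $previousClosingDate = self::getDateOfPreviousClosing(null, $closingid);

    // Only this integer form is ever placed into SQL text below.
    $closingIdForSql = intval($closingid);

    $csv = " ";
    if ($doCsvExport || $onlyresultreturn) {
        // NOTE(review): the download headers are also sent in result-return
        // mode, where the CSV is mailed and not downloaded — confirm intended.
        $file_name = " tagesabschluss.csv ";
        header(" Content-type: text/x-csv ");
        header(" Content-Disposition: attachment; filename= $file_name ");
        header(" Cache-Control: must-revalidate, post-check=0, pre-check=0 ");
        header(" Pragma: no-cache ");
        header(" Expires: 0 ");
        $csv .= $this->t['ID'][$l] . " ; " . $this->t['Date'][$l] . " ; " . $this->t['Prod'][$l] . " ; " . $this->t['Brutto'][$l] . " ( $currency ); ";
        $csv .= $this->t['Netto'][$l] . " ( $currency ); ";
        $csv .= $this->t['Tax'][$l] . " ; ";
        $csv .= $this->t['PayWay'][$l] . " ; ";
        $csv .= $this->t['Userid'][$l] . " ; ";
        $csv .= $this->t['User'][$l] . " ; ";
        $csv .= $this->t['State'][$l] . " ; ";
        $csv .= $this->t['Ref'][$l] . " \n ";
    }

    $sql = " SELECT closingdate,remark,signature,billsum,billcount FROM %closing% WHERE id=' $closingIdForSql ' ";
    $dbresult = $this->dbutils->performSqlCommand($sql);
    $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
    $closingdate = $zeile['closingdate'];
    $remark = $zeile['remark'];
    $billsum = $zeile['billsum'];
    $billcount = $zeile['billcount'];
    $signature = $zeile['signature'];
    mysqli_free_result($dbresult);

    $billIdsAndPaymentsForThatClosing = array();
    $sql = " SELECT %bill%.id as billid,paymentid,billdate,userid,ref,username,status,brutto,netto,IF(tax is not null, tax, '0.00') as tax FROM %bill%,%user% WHERE closingid= $closingIdForSql AND %bill%.userid = %user%.id ORDER BY billdate ";
    $dbresult = $this->dbutils->performSqlCommand($sql);
    while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
        $billIdsAndPaymentsForThatClosing[] = array(
            " id " => $zeile['billid'],
            " payment " => $zeile['paymentid'],
            " userid " => $zeile['userid'],
            " username " => $zeile['username'],
            " status " => $zeile['status'],
            " brutto " => $zeile['brutto'],
            " netto " => $zeile['netto'],
            " tax " => $zeile['tax'],
            " ref " => $zeile['ref'],
            " billdate " => $zeile['billdate']);
    }
    mysqli_free_result($dbresult);
    $foundBillCount = count($billIdsAndPaymentsForThatClosing);

    if (is_null($previousClosingDate)) {
        $startDate = " ";
    } else {
        $startDate = $previousClosingDate;
    }

    // Rebuild the signed string in the layout used when the closing was created.
    $billsumstr = number_format($billsum, 2, " . ", '');
    $data = " I( $closingid )-S( $startDate )-E( $closingdate )-D( $billcount )-S( $billsumstr ) ";
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $pubkeyid = $commonUtils->getCert($pdo);
    $ok = openssl_verify($data, $signature, $pubkeyid);
    openssl_free_key($pubkeyid);
    // Fail closed: openssl_verify() yields 1 only for a valid signature;
    // 0 means invalid and -1/false means the check itself failed.
    if (($ok !== 1) || ($billcount <> $foundBillCount)) {
        // something went wrong!
        return $this->returnErrorInconsDB($doCsvExport, $onlyresultreturn);
    }

    $retValues = array();
    foreach ($billIdsAndPaymentsForThatClosing as $bill) {
        $aBillId = $bill[' id '];
        if (!$commonUtils->verifyBill($pdo, $aBillId)) {
            return $this->returnErrorInconsDB($doCsvExport, $onlyresultreturn);
        }
        $billdate = $bill[' billdate '];
        $paymentid = $bill[' payment '];
        $userid = $bill[' userid '];
        $username = $bill[' username '];
        $status = $bill[' status '];
        $brutto = $bill[' brutto '];
        $netto = $bill[' netto '];
        $tax = $bill[' tax '];
        $ref = $bill[' ref '];
        $ref = ($ref == null ? " " : $ref);

        // NOTE(review): user name, reference and product name are written to
        // the CSV as stored. If these fields can hold user-chosen text, a
        // value starting with '=', '+', '-' or '@' is read as a formula by
        // spreadsheet programs — consider neutralising such values on export.
        if ($status == 'c') {
            $statusTxt = $this->t['cashact'][$l]; // cash deposit / withdrawal
            $brutto = number_format($brutto, 2, $decpoint, '');
            $netto = number_format($netto, 2, $decpoint, '');
            $tax = number_format($tax, 2, $decpoint, '');
            $retValues[] = array(
                " billid " => $aBillId,
                " paidtime " => $billdate,
                " productname " => $this->t['cashaction'][$l], // cash register action
                " price " => $brutto,
                " netto " => $netto,
                " tax " => number_format(0.00, 2, $decpoint, ''),
                " payment " => $paymentArray[$paymentid],
                " userid " => $userid,
                " username " => $username,
                " status " => $statusTxt,
                " ref " => $ref);
            if ($doCsvExport || $onlyresultreturn) {
                $csv .= " $aBillId ; \" $billdate\" ; \" " . $this->t['cashaction'][$l] . " \" ; \" $brutto\" ; \" $netto\" ; \" $tax\" ; \" $paymentArray[$paymentid] \" ; $userid ; \" $username\" ; \" $statusTxt\" ; $ref\n ";
            }
        } else {
            $sql = " SELECT DISTINCT productname,price,%queue%.tax as tax FROM %queue%,%billproducts% WHERE %billproducts%.billid=' $aBillId ' AND %billproducts%.queueid=%queue%.id ";
            if ($status == 'x') {
                $statusTxt = $this->t[" laterCancelled "][$l];
            } else if ($status == 's') {
                $statusTxt = $this->t[" storno "][$l];
            } else {
                $statusTxt = " ";
                $sql = " SELECT productname,paidtime,price,tax FROM %queue% WHERE billid= $aBillId ";
            }
            $dbresult = $this->dbutils->performSqlCommand($sql);
            while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
                $productname = $zeile['productname'];
                $tax = $zeile['tax'];
                $paidtime = ($billdate == null ? " " : $billdate);
                // cancelled ('s') bills are listed with a negated price
                $price = ($status == 's' ? 0.0 - floatval($zeile['price']) : $zeile['price']);
                $netto = $price / (1 + $tax / 100.0);
                $netto = number_format($netto, 2, $decpoint, '');
                $price = number_format($price, 2, $decpoint, '');
                $formattedtax = number_format($tax, 2, $decpoint, '');
                $retValues[] = array(
                    " billid " => $aBillId,
                    " paidtime " => $paidtime,
                    " productname " => $productname,
                    " price " => $price,
                    " netto " => $netto,
                    " tax " => $formattedtax,
                    " payment " => $paymentArray[$paymentid],
                    " userid " => $userid,
                    " username " => $username,
                    " status " => $statusTxt,
                    " ref " => $ref);
                // double the quotes so the product name stays one CSV field
                $productname = str_replace('"', '""', $productname);
                if ($doCsvExport || $onlyresultreturn) {
                    $csv .= " $aBillId ; \" $paidtime\" ; \" $productname\" ; \" $price\" ; \" $netto\" ; \" $formattedtax\" ; \" $paymentArray[$paymentid] \" ; $userid ; \" $username\" ; \" $statusTxt\" ; $ref\n ";
                }
            }
            mysqli_free_result($dbresult);
        }
    }

    if ($doCsvExport) {
        echo $csv;
    } else if ($onlyresultreturn) {
        return " Tagesabschluss-Datum: $closingdate\nBemerkung : $remark\n\ncsv -Daten: \n " . $csv;
    } else {
        echo json_encode(array(" status " => " OK ", " msg " => $retValues, " closingid " => $closingid, " closingdate " => $closingdate, " previousClosingDate " => $previousClosingDate));
    }
}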
/**
 * Returns the closing summary without requesting the signature.
 *
 * @param mixed    $closingid id of the closing
 * @param PDO|null $pdo       open connection, or null to let the core open one
 * @param bool     $fromWeb   true to emit JSON instead of returning the data
 * @return mixed whatever getClosingSummaryCore() returns
 */
public function getClosingSummaryWoSign($closingid, $pdo, $fromWeb) {
    $exportSignature = false;
    return $this->getClosingSummaryCore($closingid, $pdo, $fromWeb, $exportSignature);
}
/**
 * Returns the closing summary and requests the signature to be included.
 *
 * @param mixed    $closingid id of the closing
 * @param PDO|null $pdo       open connection, or null to let the core open one
 * @param bool     $fromWeb   true to emit JSON instead of returning the data
 * @return mixed whatever getClosingSummaryCore() returns
 */
public function getClosingSummary($closingid, $pdo, $fromWeb) {
    $exportSignature = true;
    return $this->getClosingSummaryCore($closingid, $pdo, $fromWeb, $exportSignature);
}
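/**
 * Verifies the stored signature of a closing record.
 *
 * The result is normalised so that callers cannot mistake a failed check for
 * success: 1 is returned only when openssl_verify() confirms the signature.
 * An invalid signature, an error result (-1 or false) and an unknown closing
 * id all yield 0.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @return int 1 if the signature is valid, otherwise 0
 */
public static function checkForClosingConsistency($pdo, $closingid) {
    $sql = " select id,closingdate,billcount,billsum,remark,signature from %closing% where id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $closingpart = $stmt->fetchObject();
    if (!is_object($closingpart)) {
        // no such closing: nothing that could be verified
        return 0;
    }

    $previousClosingDate = self::getDateOfPreviousClosing($pdo, $closingid);
    if (is_null($previousClosingDate)) {
        $startDate = " ";
    } else {
        $startDate = $previousClosingDate;
    }

    // Rebuild the signed string in the layout used when the closing was created.
    $billsumstr = number_format($closingpart->billsum, 2, " . ", '');
    $billcount = $closingpart->billcount;
    $closingdate = $closingpart->closingdate;
    $data = " I( $closingid )-S( $startDate )-E( $closingdate )-D( $billcount )-S( $billsumstr ) ";

    $commonUtils = new CommonUtils();
    $pubkeyid = $commonUtils->getCert($pdo);
    $ok = openssl_verify($data, $closingpart->signature, $pubkeyid);
    openssl_free_key($pubkeyid);
    return ($ok === 1) ? 1 : 0;
}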
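/**
 * Builds the summary of a closing: the closing record, sums grouped by tax,
 * payment and status, and product counts grouped by name and price.
 *
 * The summary is produced only when the consistency check returns exactly 1.
 * The former "== 0" test let an error result of the signature check (-1)
 * pass as valid. A closing id without a record is treated as inconsistent.
 *
 * The signature is removed from the closing record unless $exportSignature
 * is true and the call does not come from the web.
 *
 * @param mixed    $closingid       id of the closing
 * @param PDO|null $pdo             open connection; a new one is opened when null
 * @param bool     $fromWeb         true to emit JSON instead of returning the data
 * @param bool     $exportSignature true to keep the signature for non-web callers
 * @return array|null the summary for non-web callers; null on inconsistency or for web calls
 */
public function getClosingSummaryCore($closingid, $pdo, $fromWeb, $exportSignature) {
    if (is_null($pdo)) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
    }
    $sql = " select id,closingdate,billcount,billsum,remark,signature from %closing% where id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $closingpart = $stmt->fetchObject();

    $ok = is_object($closingpart) ? self::checkForClosingConsistency($pdo, $closingid) : 0;
    if ($ok !== 1) {
        // fail closed on anything but a confirmed signature
        if ($fromWeb) {
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
            return;
        } else {
            return null;
        }
    }

    $sql = " select sum(%bill%.brutto) as sum,sum(%bill%.netto) as netto,%payment%.name,%bill%.status from %bill%,%payment% where ";
    $sql .= " %bill%.closingid=? and ";
    $sql .= " %bill%.paymentid=%payment%.id ";
    $sql .= " group by %bill%.tax,%payment%.name,%bill%.status ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $overview = $stmt->fetchAll(PDO::FETCH_ASSOC);

    $sql = " select count(%queue%.productname) as count,%queue%.productname,%queue%.price,%queue%.tax as tax,sum(%queue%.price) as sumprice ";
    $sql .= " from %queue%,%bill% where ";
    $sql .= " %queue%.billid=%bill%.id AND %bill%.closingid=? AND ";
    $sql .= " %bill%.status is null ";
    $sql .= " group by %queue%.productname,%queue%.price ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $details = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // the signature never leaves the server for web calls
    if (!$exportSignature || $fromWeb) {
        unset($closingpart->signature);
    }
    $retVal = array(" closing " => $closingpart, " overview " => $overview, " details " => $details);
    if ($fromWeb) {
        echo json_encode(array(" status " => " OK ", " msg " => $retVal));
    } else {
        return $retVal;
    }
}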
}
?>